From a22b2085b1e4ad0dd6d91b48ae725671f7512ecf Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Mon, 14 Sep 2020 20:02:21 +0900 Subject: [PATCH] add settings for pkcs7 add wrapper to check the return value of snprintf fixed unit test fixed uninitialized variable --- .../examples/wolfssl_test/sdkconfig.defaults | 2 +- IDE/Espressif/ESP-IDF/test/test_wolfssl.c | 34 +++++++++---------- IDE/Espressif/ESP-IDF/user_settings.h | 9 +++++ wolfcrypt/src/pkcs7.c | 2 +- wolfssl/wolfcrypt/types.h | 32 ++++++++++++++++- 5 files changed, 59 insertions(+), 20 deletions(-) diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults index 54d7b03da..6b3cd8ea3 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults @@ -1,2 +1,2 @@ -CONFIG_MAIN_TASK_STACK_SIZE=10000 +CONFIG_MAIN_TASK_STACK_SIZE=11000 CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0= diff --git a/IDE/Espressif/ESP-IDF/test/test_wolfssl.c b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c index 7edf53e18..b1cb8bd4c 100644 --- a/IDE/Espressif/ESP-IDF/test/test_wolfssl.c +++ b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c @@ -308,8 +308,8 @@ int mp_performance_check(int mul, int mulmod, int exptmod) int mp_unitest_mul(const char* strZ, const char* strX, const char* strY, int verbose) { int ret = 0; - char* buf; - char* bufZ; + char* buf = NULL; + char* bufZ = NULL; int radixX_size; int radixZ_size; int radixY_size; @@ -338,7 +338,7 @@ int mp_unitest_mul(const char* strZ, const char* strX, const char* strY, int ver bufZ = (char*)XMALLOC(radixZ_size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(bufZ != NULL) { mp_toradix(&z, bufZ, 16); - bufZ[radixZ_size] ='\0'; + bufZ[radixZ_size-1] ='\0'; } if(verbose) { @@ -353,11 +353,11 @@ int mp_unitest_mul(const char* strZ, const char* strX, const char* strY, int ver buf = (char*)XMALLOC(radixX_size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(buf != NULL) { mp_toradix(&x, buf, 16); - buf[radixX_size] ='\0'; + buf[radixX_size-1] ='\0'; printf("X : %s ", buf); mp_toradix(&y, buf, 16); - buf[radixY_size] ='\0'; + buf[radixY_size-1] ='\0'; printf("Y : %s ", buf); } if(bufZ != NULL) { @@ -413,7 +413,7 @@ int mp_unitest_mulmod(const char* strZ, const char* strX, const char* strY, bufZ = (char*)XMALLOC(radixZ_size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(bufZ != NULL) { mp_toradix(&z, bufZ, 16); - bufZ[radixZ_size] ='\0'; + bufZ[radixZ_size-1] ='\0'; } if(verbose) { @@ -430,15 +430,15 @@ int mp_unitest_mulmod(const char* strZ, const char* strX, const char* strY, buf = (char*)XMALLOC(radixX_size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(buf != NULL) { mp_toradix(&x, buf, 16); - buf[radixX_size] ='\0'; + buf[radixX_size-1] ='\0'; printf("X : %s ", buf); mp_toradix(&y, buf, 16); - buf[radixY_size] ='\0'; + buf[radixY_size-1] ='\0'; printf("Y : %s ", buf); mp_toradix(&m, buf, 16); - buf[radixM_size] ='\0'; + buf[radixM_size-1] ='\0'; printf("M : %s ", buf); } if(bufZ != NULL) { @@ -459,8 +459,8 @@ int mp_unitest_exptmod(const char* strZ, const char* strX, const char* strY, const char* strM, int verbose) { int ret = 0; - char* buf; - char* bufZ; + char* buf = NULL; + char* bufZ = NULL; int radixX_size; int radixZ_size; int radixY_size; @@ -494,7 +494,7 @@ int mp_unitest_exptmod(const char* strZ, const char* strX, const char* strY, bufZ = (char*)XMALLOC(radixZ_size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(bufZ != NULL) { mp_toradix(&z, bufZ, 16); - bufZ[radixZ_size] ='\0'; + bufZ[radixZ_size-1] ='\0'; } if(verbose) { @@ -511,15 +511,15 @@ int mp_unitest_exptmod(const char* strZ, const char* strX, const char* strY, buf = (char*)XMALLOC(radixX_size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(buf != NULL) { mp_toradix(&x, buf, 16); - buf[radixX_size] ='\0'; + buf[radixX_size-1] ='\0'; printf("X : %s ", buf); mp_toradix(&y, buf, 16); - buf[radixY_size] ='\0'; + buf[radixY_size-1] ='\0'; printf("Y : %s ", buf); mp_toradix(&m, buf, 16); - buf[radixM_size] ='\0'; + buf[radixM_size-1] ='\0'; printf("M : %s ", buf); } if(bufZ != NULL) { @@ -562,7 +562,7 @@ TEST_CASE("wolfssl mp exptmod test" , "[wolfssl]") TEST_CASE("wolfssl mp mulmod test" , "[wolfssl]") { ESP_LOGI(TAG, "mp test"); - int verbose = 0; + int verbose = 1; /* Z X Y M */ TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("02", "5", "1", "3", verbose)); TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("01", "-5", "1", "3", verbose)); @@ -602,7 +602,7 @@ TEST_CASE("wolfssl mp mulmod test" , "[wolfssl]") TEST_CASE("wolfssl mp mul test" , "[wolfssl]") { ESP_LOGI(TAG, "mp test"); - int verbose = 0; + int verbose = 1; TEST_ASSERT_EQUAL(0, mp_unitest_mul("0A", "5", "2", verbose)); TEST_ASSERT_EQUAL(0, mp_unitest_mul("-0A", "-5", "2", verbose)); diff --git a/IDE/Espressif/ESP-IDF/user_settings.h b/IDE/Espressif/ESP-IDF/user_settings.h index af816e0cf..67b2d4391 100644 --- a/IDE/Espressif/ESP-IDF/user_settings.h +++ b/IDE/Espressif/ESP-IDF/user_settings.h @@ -43,6 +43,15 @@ #define CURVE25519_SMALL #define HAVE_ED25519 +/* when you want to use pkcs7 */ +/* #define HAVE_PKCS7 */ + +#if defined(HAVE_PKCS7) + #define HAVE_AES_KEYWRAP + #define HAVE_X963_KDF + #define WOLFSSL_AES_DIRECT +#endif + /* when you want to use aes counter mode */ /* #define WOLFSSL_AES_DIRECT */ /* #define WOLFSSL_AES_COUNTER */ diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 6e6d4ec03..28dc77d50 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -11853,7 +11853,7 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz, byte *tmpIv = tmpIvBuf; int encryptedContentSz = 0; - byte padLen; + byte padLen = 0; byte* encryptedContent = NULL; byte* pkiMsg = in; diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 5301e161e..9b0bc7397 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -494,7 +494,37 @@ decouple library dependencies with standard string, memory and so on. for snprintf */ #include #endif - #define XSNPRINTF snprintf + #if defined(WOLFSSL_ESPIDF) && \ + (!defined(NO_ASN_TIME) && defined(HAVE_PKCS7)) + #include + /* later gcc than 7.1 introduces -Wformat-truncation */ + /* In cases when truncation is expected the caller needs*/ + /* to check the return value from the function so that */ + /* compiler doesn't complain. */ + /* xtensa-esp32-elf v8.2.0 warns trancation at */ + /* GetAsnTimeString() */ + static WC_INLINE + int _xsnprintf_(char *s, size_t n, const char *format, ...) + { + va_list ap; + int ret; + + if ((int)n <= 0) return -1; + + va_start(ap, format); + + ret = vsnprintf(s, n, format, ap); + if (ret < 0) + ret = -1; + + va_end(ap); + + return ret; + } + #define XSNPRINTF _xsnprintf_ + #else + #define XSNPRINTF snprintf + #endif #endif #else #if defined(_MSC_VER) || defined(__CYGWIN__) || defined(__MINGW32__)